Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/2r0DZ_QWau806OcyP5c_unAgqUI.roa
File: 2r0DZ_QWau806OcyP5c_unAgqUI.roa (raw, json)
Hash identifier: sZNn2oeuCVKPhlYdNRJNZdBYq2KkRRAgX0fv9xesjuY=
Subject key identifier: DA:BD:03:67:F4:16:6A:EF:34:E8:E7:32:3F:97:3F:BA:70:20:A9:42
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 01848AF18ACBC1D433448381835ACFBEB471
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/2r0DZ_QWau806OcyP5c_unAgqUI.roa
Signing time: Fri 18 Nov 2022 13:33:16 +0000
ROA not before: Fri 18 Nov 2022 13:33:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 93.114.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:f1:8a:cb:c1:d4:33:44:83:81:83:5a:cf:be:b4:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Nov 18 13:33:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dabd0367f4166aef34e8e7323f973fba7020a942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:af:cb:37:a3:d5:33:23:13:dc:9f:8b:63:84:
de:df:ab:95:0a:07:20:be:bb:61:b2:26:83:29:3f:
fe:59:0f:12:47:20:90:03:6c:0d:2d:92:c0:15:f8:
3b:66:18:bb:e3:65:64:75:e1:2d:b3:47:03:0d:75:
1b:01:8f:36:32:aa:2d:ac:8f:27:82:df:92:a2:86:
c2:22:e9:eb:1a:83:20:b3:1f:76:e4:a1:05:70:75:
03:d3:6a:f1:63:cc:d5:2f:35:45:10:9b:2b:30:2c:
f8:09:c1:40:ec:b4:dc:e0:63:84:c8:54:15:a8:18:
70:ea:10:83:11:72:f4:a8:d5:bd:40:f8:45:91:d5:
0c:32:d6:a3:b3:61:9d:ed:b4:5a:b8:8d:24:ca:91:
d7:50:8b:7a:f7:67:44:42:03:ec:0e:bc:42:fd:fa:
cb:30:58:27:24:11:41:ec:c6:30:dd:77:09:4e:8d:
c2:52:d0:51:5f:20:0b:d3:03:98:a3:16:fa:75:cb:
17:54:31:18:c0:45:4d:b4:58:8a:a7:1f:ca:88:0f:
26:ee:7c:c0:35:05:cc:64:90:d8:9c:4f:24:f8:63:
2e:e1:fe:b1:67:27:fc:75:b3:0a:4f:33:1b:53:cc:
b2:ca:e1:05:71:d8:25:53:d6:19:84:6b:41:e1:c6:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BD:03:67:F4:16:6A:EF:34:E8:E7:32:3F:97:3F:BA:70:20:A9:42
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/2r0DZ_QWau806OcyP5c_unAgqUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.63.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:e3:c5:76:65:34:0e:da:83:4a:52:b3:dc:03:97:15:ce:0a:
23:fa:b8:a0:46:46:a6:ed:42:52:33:b9:17:b6:12:47:58:31:
ef:f6:c1:11:67:8a:8b:49:86:30:b7:af:d2:91:d5:b1:bc:1b:
e1:7f:f1:dd:c5:51:c1:87:4b:0d:91:e9:af:5c:dc:b7:52:0b:
e3:f9:6b:7e:de:a3:29:0d:6f:27:29:92:23:08:bc:03:f9:19:
4e:60:70:0a:18:f1:c3:4b:eb:c6:9d:d8:b1:a1:a1:ea:ad:3a:
f5:11:e0:f1:20:94:5f:85:63:1b:84:56:b7:8e:20:38:dc:74:
67:50:0d:02:8d:e2:2b:37:46:3b:32:ce:0a:ed:df:3e:fb:98:
62:e3:50:ad:35:aa:4f:79:a2:e3:4d:c0:ef:6c:68:10:91:8f:
04:7e:5d:2f:ee:87:7b:2e:02:91:03:32:83:f1:47:62:fe:17:
44:fd:b1:a7:e0:7c:5f:8a:f8:dd:a2:2a:d5:17:d5:22:cc:ed:
80:4a:a1:5e:ed:f4:71:ad:58:a5:42:83:9c:a0:03:9b:e1:7b:
d3:a2:22:b5:6d:09:d0:56:9f:fd:97:1a:b0:1c:4b:a2:e9:13:
75:83:44:81:d3:20:5c:31:ca:dd:e4:d1:0a:1b:12:0b:5a:04:
f2:41:46:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSK8YrLwdQzRIOBg1rPvrRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIxMTE4MTMzMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJkMDM2N2Y0MTY2YWVmMzRlOGU3MzIzZjk3M2ZiYTcwMjBhOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16/LN6PVMyMT3J+LY4Te36uVCgcg
vrthsiaDKT/+WQ8SRyCQA2wNLZLAFfg7Zhi742VkdeEts0cDDXUbAY82MqotrI8n
gt+SoobCIunrGoMgsx925KEFcHUD02rxY8zVLzVFEJsrMCz4CcFA7LTc4GOEyFQV
qBhw6hCDEXL0qNW9QPhFkdUMMtajs2Gd7bRauI0kypHXUIt692dEQgPsDrxC/frL
MFgnJBFB7MYw3XcJTo3CUtBRXyAL0wOYoxb6dcsXVDEYwEVNtFiKpx/KiA8m7nzA
NQXMZJDYnE8k+GMu4f6xZyf8dbMKTzMbU8yyyuEFcdglU9YZhGtB4cZXWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNq9A2f0FmrvNOjnMj+XP7pwIKlCMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvMnIwRFpfUVdhdTgwNk9jeVA1Y191bkFncVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXI/MA0G
CSqGSIb3DQEBCwUAA4IBAQCN48V2ZTQO2oNKUrPcA5cVzgoj+rigRkam7UJSM7kX
thJHWDHv9sERZ4qLSYYwt6/SkdWxvBvhf/HdxVHBh0sNkemvXNy3Ugvj+Wt+3qMp
DW8nKZIjCLwD+RlOYHAKGPHDS+vGndixoaHqrTr1EeDxIJRfhWMbhFa3jiA43HRn
UA0CjeIrN0Y7Ms4K7d8++5hi41CtNapPeaLjTcDvbGgQkY8Efl0v7od7LgKRAzKD
8Udi/hdE/bGn4HxfivjdoirVF9UizO2ASqFe7fRxrVilQoOcoAOb4XvToiK1bQnQ
Vp/9lxqwHEui6RN1g0SB0yBcMcrd5NEKGxILWgTyQUbQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:12 2025 by rpki-client